And, btw, the Android thing also doesn’t affect anyone without gapps. Chill out.
so only 99% are affected, that really calms me down.
Many services that are connected to finance/payment require gapps, car sharing, banking etc.
you are right about secure boot, but this was rolled out with proper alternative routes from the beginning. i did not see anything like this for Android at this time
Does the bank app do anything that the mobile bank website can’t? I’ve never felt the need to install an actual bank app.
You can use micro g or sandbox gapps.
When I was tasked with buying laptopa for a company, I made sure to test Linux compatibility on every machine. If the model didn’t support Linux, we didn’t buy it.
Most of the devs were windows users, but there were enough devs and sysadmins that preferred Linux that it just made more sense to only buy hardware that supports both windows and Linux. I’m sure a lot of tech companies have a similar policy (it’s one reason think pads are so ubiquitous)
Corporate pressure would never allow such lockdown in the market
If you change platform keys, it looks to me like you can brick your system if hardware component drivers that execute during boot are signed by microsoft keys.
Microsoft will make sure many of their partners sign hardware drivers with their keys, to be windows 11 certified of course. No other reason.
They will encourage manufacturers to only allow secure boot in UEFI. Then at some point they will stop signing UEFI loaders, like shim, that linux distros rely on to boot.
You’re describing Secure Boot. It happened years ago.
And, btw, the Android thing also doesn’t affect anyone without gapps. Chill out.
so only 99% are affected, that really calms me down.
Many services that are connected to finance/payment require gapps, car sharing, banking etc.
you are right about secure boot, but this was rolled out with proper alternative routes from the beginning. i did not see anything like this for Android at this time
Don’t install gapps. And ffs don’t use banking on insecure devices anyway
If I don’t install gapps my banking apps don’t work.
Does the bank app do anything that the mobile bank website can’t? I’ve never felt the need to install an actual bank app. You can use micro g or sandbox gapps.
Some banks the website works only if you install some kernel modules. Worst than use the cellphone app.
I would literally switch banks over this
If it is possible yes, but sometimes it is not or the other options are even worst.
Define insecure devices.
When I was tasked with buying laptopa for a company, I made sure to test Linux compatibility on every machine. If the model didn’t support Linux, we didn’t buy it.
Most of the devs were windows users, but there were enough devs and sysadmins that preferred Linux that it just made more sense to only buy hardware that supports both windows and Linux. I’m sure a lot of tech companies have a similar policy (it’s one reason think pads are so ubiquitous)
Corporate pressure would never allow such lockdown in the market
There is no requirement for it, and can be disabled
Exactly.
For now.
Secure Boot is literally configurable. You can create your own key and sign whatever you want with it. See sbctl.
Yes and no. Most firmware this is impossible.
If you change platform keys, it looks to me like you can brick your system if hardware component drivers that execute during boot are signed by microsoft keys.
Microsoft will make sure many of their partners sign hardware drivers with their keys, to be windows 11 certified of course. No other reason.
They will encourage manufacturers to only allow secure boot in UEFI. Then at some point they will stop signing UEFI loaders, like shim, that linux distros rely on to boot.
…and Bob’s your uncle.